A Security State of Mind: Compliance and Vulnerability Audits for Containers - Chris Van Tuin, Red Hat
Abstract
A Security State of Mind: Compliance and Vulnerability Audits for Containers Data breaches are on the rise and placing increased pressure on Enterprise IT to protect the business. With the rise of DevOps and as hackers takes advantage of known vulnerabilities on unpatched or misconfigured systems, Enterprise IT increasingly needs to automate vulnerability management, security management, and compliance checking. OpenSCAP is an opensource tool for automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise. In this presentation, you’ll learn about: * How Containers enable DevOps, Container Technology, and the security risks with deploying containers in the enterprise * Security vulnerability (CVEs) and Configuration issues (CCEs) notifications and checks * Automating vulnerability management, security management, and compliance checking with OpenSCAP * Scanning online and offline Containers and Virtual Machines with OpenSCAP * Generating and understanding OpenSCAP audit reports * Customizing OpenSCAP profiles Join Chris Van Tuin, Chief Technologist, West at Red Hat, as he walks through the inherent security risks of deploying containers in the enterprise and how OpenSCAP can help protect and secure the business.